+/* $OpenLDAP$ */
/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/* Portions
* Copyright (c) 1990 Regents of the University of Michigan.
* All rights reserved.
*
* search.c
*/
-#ifndef lint
-static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
-#endif
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-#ifdef MACOS
-#include <stdlib.h>
-#include "macos.h"
-#endif /* MACOS */
-
-#if defined( DOS ) || defined( _WIN32 )
-#include "msdos.h"
-#endif /* DOS */
-
-#if !defined(MACOS) && !defined(DOS) && !defined( _WIN32 )
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#endif
-#include "lber.h"
-#include "ldap.h"
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/time.h>
+
#include "ldap-int.h"
-#ifdef NEEDPROTOS
-static char *find_right_paren( char *s );
-static char *put_complex_filter( BerElement *ber, char *str,
- unsigned long tag, int not );
-static int put_filter( BerElement *ber, char *str );
-static int put_simple_filter( BerElement *ber, char *str );
-static int put_substring_filter( BerElement *ber, char *type, char *str );
-static int put_filter_list( BerElement *ber, char *str );
-#else
-static char *find_right_paren();
-static char *put_complex_filter();
-static int put_filter();
-static int put_simple_filter();
-static int put_substring_filter();
-static int put_filter_list();
-#endif /* NEEDPROTOS */
+static int ldap_is_attr_oid LDAP_P((
+ const char *attr ));
+
+static int ldap_is_attr_desc LDAP_P((
+ const char *attr ));
+
+static int hex2value LDAP_P((
+ int c ));
+
+static char *find_right_paren LDAP_P((
+ char *s ));
+
+static char *put_complex_filter LDAP_P((
+ BerElement *ber,
+ char *str,
+ ber_tag_t tag,
+ int not ));
+
+static int put_filter LDAP_P((
+ BerElement *ber,
+ char *str ));
+
+static int put_simple_filter LDAP_P((
+ BerElement *ber,
+ char *str ));
+
+static int put_substring_filter LDAP_P((
+ BerElement *ber,
+ char *type,
+ char *str ));
+
+static int put_filter_list LDAP_P((
+ BerElement *ber,
+ char *str ));
/*
- * ldap_search - initiate an ldap (and X.500) search operation. Parameters:
+ * ldap_search_ext - initiate an ldap search operation.
+ *
+ * Parameters:
+ *
+ * ld LDAP descriptor
+ * base DN of the base object
+ * scope the search scope - one of LDAP_SCOPE_BASE,
+ * LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
+ * filter a string containing the search filter
+ * (e.g., "(|(cn=bob)(sn=bob))")
+ * attrs list of attribute types to return for matches
+ * attrsonly 1 => attributes only 0 => attributes and values
+ *
+ * Example:
+ * char *attrs[] = { "mail", "title", 0 };
+ * ldap_search_ext( ld, "c=us,o=UM", LDAP_SCOPE_SUBTREE, "cn~=bob",
+ * attrs, attrsonly, sctrls, ctrls, timeout, sizelimit,
+ * &msgid );
+ */
+int
+ldap_search_ext(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ int *msgidp )
+{
+ BerElement *ber;
+ int timelimit;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_search_ext\n", 0, 0, 0 );
+
+ /*
+ * if timeout is provided, both tv_sec and tv_usec must
+ * be non-zero
+ */
+ if( timeout != NULL ) {
+ if( timeout->tv_sec == 0 && timeout->tv_usec == 0 ) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ /* timelimit must be non-zero if timeout is provided */
+ timelimit = timeout->tv_sec != 0 ? timeout->tv_sec : 1;
+
+ } else {
+ /* no timeout, no timelimit */
+ timelimit = -1;
+ }
+
+ ber = ldap_build_search_req( ld, base, scope, filter, attrs,
+ attrsonly, sctrls, cctrls, timelimit, sizelimit );
+
+ if ( ber == NULL ) {
+ return ld->ld_errno;
+ }
+
+#ifndef LDAP_NOCACHE
+ if ( ld->ld_cache != NULL ) {
+ if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
+ ber_free( ber, 1 );
+ ld->ld_errno = LDAP_SUCCESS;
+ *msgidp = ld->ld_msgid;
+ return ld->ld_errno;
+ }
+ ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
+ }
+#endif /* LDAP_NOCACHE */
+
+ /* send the message */
+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber );
+
+ if( *msgidp < 0 )
+ return ld->ld_errno;
+
+ return LDAP_SUCCESS;
+}
+
+int
+ldap_search_ext_s(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ struct timeval *timeout,
+ int sizelimit,
+ LDAPMessage **res )
+{
+ int rc;
+ int msgid;
+
+ rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
+ sctrls, cctrls, timeout, sizelimit, &msgid );
+
+ if ( rc != LDAP_SUCCESS ) {
+ return( rc );
+ }
+
+ rc = ldap_result( ld, msgid, 1, timeout, res );
+
+ if( rc <= 0 ) {
+ /* error(-1) or timeout(0) */
+ return( ld->ld_errno );
+ }
+
+ return( ldap_result2error( ld, *res, 0 ) );
+}
+
+/*
+ * ldap_search - initiate an ldap search operation.
+ *
+ * Parameters:
*
* ld LDAP descriptor
* base DN of the base object
* attrs, attrsonly );
*/
int
-ldap_search( LDAP *ld, char *base, int scope, char *filter,
+ldap_search(
+ LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter,
char **attrs, int attrsonly )
{
BerElement *ber;
Debug( LDAP_DEBUG_TRACE, "ldap_search\n", 0, 0, 0 );
- if (( ber = ldap_build_search_req( ld, base, scope, filter, attrs,
- attrsonly )) == NULLBER ) {
+ ber = ldap_build_search_req( ld, base, scope, filter, attrs,
+ attrsonly, NULL, NULL, -1, -1 );
+
+ if ( ber == NULL ) {
return( -1 );
}
-#ifndef NO_CACHE
+#ifndef LDAP_NOCACHE
if ( ld->ld_cache != NULL ) {
if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
ber_free( ber, 1 );
}
ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
}
-#endif /* NO_CACHE */
+#endif /* LDAP_NOCACHE */
/* send the message */
return ( ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber ));
BerElement *
-ldap_build_search_req( LDAP *ld, char *base, int scope, char *filter,
- char **attrs, int attrsonly )
+ldap_build_search_req(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ ber_int_t scope,
+ LDAP_CONST char *filter_in,
+ char **attrs,
+ ber_int_t attrsonly,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ ber_int_t timelimit,
+ ber_int_t sizelimit )
{
BerElement *ber;
int err;
+ char *filter;
/*
* Create the search request. It looks like this:
*/
/* create a message to send */
- if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) {
- return( NULLBER );
+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+ return( NULL );
}
if ( base == NULL ) {
- base = "";
+ /* no base provided, use session default base */
+ base = ld->ld_options.ldo_defbase;
+
+ if ( base == NULL ) {
+ /* no session default base, use top */
+ base = "";
+ }
}
-#ifdef CLDAP
- if ( ld->ld_sb.sb_naddr > 0 ) {
+#ifdef LDAP_CONNECTIONLESS
+ if ( ld->ld_cldapnaddr > 0 ) {
err = ber_printf( ber, "{ist{seeiib", ++ld->ld_msgid,
- ld->ld_cldapdn, LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
- ld->ld_sizelimit, ld->ld_timelimit, attrsonly );
+ ld->ld_cldapdn, LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
+ (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
+ (timelimit < 0) ? ld->ld_timelimit : timelimit,
+ attrsonly );
} else {
-#endif /* CLDAP */
+#endif /* LDAP_CONNECTIONLESS */
err = ber_printf( ber, "{it{seeiib", ++ld->ld_msgid,
- LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
- ld->ld_sizelimit, ld->ld_timelimit, attrsonly );
-#ifdef CLDAP
+ LDAP_REQ_SEARCH, base, (ber_int_t) scope, ld->ld_deref,
+ (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
+ (timelimit < 0) ? ld->ld_timelimit : timelimit,
+ attrsonly );
+#ifdef LDAP_CONNECTIONLESS
}
-#endif /* CLDAP */
+#endif /* LDAP_CONNECTIONLESS */
if ( err == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
- return( NULLBER );
+ return( NULL );
}
- filter = strdup( filter );
+ if( filter_in != NULL ) {
+ filter = LDAP_STRDUP( filter_in );
+ } else {
+ filter = LDAP_STRDUP( "(objectclass=*)" );
+ }
err = put_filter( ber, filter );
- free( filter );
+ LDAP_FREE( filter );
if ( err == -1 ) {
ld->ld_errno = LDAP_FILTER_ERROR;
ber_free( ber, 1 );
- return( NULLBER );
+ return( NULL );
}
- if ( ber_printf( ber, "{v}}}", attrs ) == -1 ) {
+ if ( ber_printf( ber, /*{*/ "{v}}", attrs ) == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
- return( NULLBER );
+ return( NULL );
+ }
+
+ /* Put Server Controls */
+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
+ ber_free( ber, 1 );
+ return( NULL );
+ }
+
+ if ( ber_printf( ber, /*{*/ "}", attrs ) == -1 ) {
+ ld->ld_errno = LDAP_ENCODING_ERROR;
+ ber_free( ber, 1 );
+ return( NULL );
}
return( ber );
}
+static int ldap_is_attr_oid ( const char *attr )
+{
+ int i, c, digit=0;
+
+ for( i = 0; (c = attr[i]) != 0; i++ ) {
+ if( c >= '0' && c <= '9' ) {
+ digit=1;
+
+ } else if ( c != '.' ) {
+ /* not digit nor '.' */
+ return 0;
+
+ } else if ( !digit ) {
+ /* '.' but prev not digit */
+ return 0;
+
+ } else {
+ /* '.' */
+ digit = 0;
+ }
+ }
+
+ return digit;
+}
+
+static int ldap_is_attr_desc ( const char *attr )
+{
+ /* cheap attribute description check */
+ int i, c;
+
+ for( i = 0; (c = attr[i]) != 0; i++ ) {
+ if (( c >= '0' && c <= '9' )
+ || ( c >= 'A' && c <= 'Z' )
+ || ( c >= 'a' && c <= 'z' )
+ || ( c == '.' || c == '-' )
+ || ( c == ';' )) continue;
+
+ return 0;
+ }
+
+ return i > 0;
+}
+
static char *
find_right_paren( char *s )
{
return( *s ? s : NULL );
}
+static int hex2value( int c )
+{
+ if( c >= '0' && c <= '9' ) {
+ return c - '0';
+ }
+
+ if( c >= 'A' && c <= 'F' ) {
+ return c + (10 - (int) 'A');
+ }
+
+ if( c >= 'a' && c <= 'f' ) {
+ return c + (10 - (int) 'a');
+ }
+
+ return -1;
+}
+
+char *
+ldap_pvt_find_wildcard( const char *s )
+{
+ for( ; *s != '\0' ; s++ ) {
+ switch( *s ) {
+ case '*': /* found wildcard */
+ return (char *) s;
+
+ case '\\':
+ s++; /* skip over escape */
+ if ( *s == '\0' )
+ return NULL; /* escape at end of string */
+ }
+ }
+
+ return NULL;
+}
+
+/* unescape filter value */
+/* support both LDAP v2 and v3 escapes */
+/* output can include nul characters */
+ber_slen_t
+ldap_pvt_filter_value_unescape( char *fval )
+{
+ ber_slen_t r, v;
+ int v1, v2;
+
+ for( r=v=0; fval[v] != '\0'; v++ ) {
+ switch( fval[v] ) {
+ case '\\':
+ /* escape */
+ v++;
+
+ if ( fval[v] == '\0' ) {
+ /* escape at end of string */
+ return -1;
+
+ }
+
+ if (( v1 = hex2value( fval[v] )) >= 0 ) {
+ /* LDAPv3 escape */
+
+ if (( v2 = hex2value( fval[v+1] )) < 0 ) {
+ /* must be two digit code */
+ return -1;
+ }
+
+ fval[r++] = v1 * 16 + v2;
+ v++;
+
+ } else {
+ /* LDAPv2 escape */
+ fval[r++] = fval[v];
+ }
+
+ break;
+
+ default:
+ fval[r++] = fval[v];
+ }
+ }
+
+ fval[r] = '\0';
+ return r;
+}
+
static char *
-put_complex_filter( BerElement *ber, char *str, unsigned long tag, int not )
+put_complex_filter( BerElement *ber, char *str, ber_tag_t tag, int not )
{
char *next;
*/
/* put explicit tag */
- if ( ber_printf( ber, "t{", tag ) == -1 )
+ if ( ber_printf( ber, "t{" /*}*/, tag ) == -1 )
return( NULL );
-/*
- if ( !not && ber_printf( ber, "{" ) == -1 )
- return( NULL );
-*/
str++;
if ( (next = find_right_paren( str )) == NULL )
*next++ = ')';
/* flush explicit tagged thang */
- if ( ber_printf( ber, "}" ) == -1 )
- return( NULL );
-/*
- if ( !not && ber_printf( ber, "}" ) == -1 )
+ if ( ber_printf( ber, /*{*/ "}" ) == -1 )
return( NULL );
-*/
return( next );
}
static int
put_filter( BerElement *ber, char *str )
{
- char *next, *tmp, *s, *d;
- int parens, balance, escape, gotescape;
+ char *next;
+ int parens, balance, escape;
/*
* A Filter looks like this:
* substrings [4] SubstringFilter,
* greaterOrEqual [5] AttributeValueAssertion,
* lessOrEqual [6] AttributeValueAssertion,
- * present [7] AttributeType,,
- * approxMatch [8] AttributeValueAssertion
+ * present [7] AttributeType,
+ * approxMatch [8] AttributeValueAssertion,
+ * extensibleMatch [9] MatchingRuleAssertion -- LDAPv3
* }
*
* SubstringFilter ::= SEQUENCE {
* final [2] IA5String
* }
* }
+ *
+ * MatchingRuleAssertion ::= SEQUENCE { -- LDAPv3
+ * matchingRule [1] MatchingRuleId OPTIONAL,
+ * type [2] AttributeDescription OPTIONAL,
+ * matchValue [3] AssertionValue,
+ * dnAttributes [4] BOOLEAN DEFAULT FALSE }
+ *
* Note: tags in a choice are always explicit
*/
Debug( LDAP_DEBUG_TRACE, "put_filter \"%s\"\n", str, 0, 0 );
- gotescape = parens = 0;
+ parens = 0;
while ( *str ) {
switch ( *str ) {
case '(':
str++;
parens++;
+
+ /* skip spaces */
+ while( isspace( *str ) ) str++;
+
switch ( *str ) {
case '&':
Debug( LDAP_DEBUG_TRACE, "put_filter: AND\n",
balance--;
}
if ( *next == '\\' && ! escape )
- gotescape = escape = 1;
+ escape = 1;
else
escape = 0;
if ( balance )
return( -1 );
*next = '\0';
- tmp = strdup( str );
- if ( gotescape ) {
- escape = 0;
- for ( s = d = tmp; *s; s++ ) {
- if ( *s != '\\' || escape ) {
- *d++ = *s;
- escape = 0;
- } else {
- escape = 1;
- }
- }
- *d = '\0';
- }
- if ( put_simple_filter( ber, tmp ) == -1 ) {
- free( tmp );
+ if ( put_simple_filter( ber, str ) == -1 ) {
return( -1 );
}
- free( tmp );
*next++ = ')';
str = next;
parens--;
case ')':
Debug( LDAP_DEBUG_TRACE, "put_filter: end\n", 0, 0,
0 );
- if ( ber_printf( ber, "]" ) == -1 )
+ if ( ber_printf( ber, /*[*/ "]" ) == -1 )
return( -1 );
str++;
parens--;
Debug( LDAP_DEBUG_TRACE, "put_filter: default\n", 0, 0,
0 );
next = strchr( str, '\0' );
- tmp = strdup( str );
- if ( strchr( tmp, '\\' ) != NULL ) {
- escape = 0;
- for ( s = d = tmp; *s; s++ ) {
- if ( *s != '\\' || escape ) {
- *d++ = *s;
- escape = 0;
- } else {
- escape = 1;
- }
- }
- *d = '\0';
- }
- if ( put_simple_filter( ber, tmp ) == -1 ) {
- free( tmp );
+ if ( put_simple_filter( ber, str ) == -1 ) {
return( -1 );
}
- free( tmp );
str = next;
break;
}
Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n", str, 0, 0 );
while ( *str ) {
- while ( *str && isspace( *str ) )
+ while ( *str && isspace( (unsigned char) *str ) )
str++;
if ( *str == '\0' )
break;
}
static int
-put_simple_filter( BerElement *ber, char *str )
+put_simple_filter(
+ BerElement *ber,
+ char *str )
{
char *s;
- char *value, savechar;
- unsigned long ftype;
- int rc;
+ char *value;
+ ber_tag_t ftype;
+ int rc = -1;
Debug( LDAP_DEBUG_TRACE, "put_simple_filter \"%s\"\n", str, 0, 0 );
- if ( (s = strchr( str, '=' )) == NULL )
- return( -1 );
+ str = LDAP_STRDUP( str );
+ if( str == NULL ) return -1;
+
+ if ( (s = strchr( str, '=' )) == NULL ) {
+ goto done;
+ }
+
value = s + 1;
*s-- = '\0';
- savechar = *s;
switch ( *s ) {
case '<':
ftype = LDAP_FILTER_LE;
*s = '\0';
+ if(! ldap_is_attr_desc( str ) ) goto done;
break;
+
case '>':
ftype = LDAP_FILTER_GE;
*s = '\0';
+ if(! ldap_is_attr_desc( str ) ) goto done;
break;
+
case '~':
ftype = LDAP_FILTER_APPROX;
*s = '\0';
+ if(! ldap_is_attr_desc( str ) ) goto done;
break;
+
+ case ':':
+ /* RFC2254 extensible filters are off the form:
+ * type [:dn] [:rule] := value
+ * or [:dn]:rule := value
+ */
+ ftype = LDAP_FILTER_EXT;
+ *s = '\0';
+
+ {
+ char *dn = strchr( str, ':' );
+ char *rule = NULL;
+
+ if( dn == NULL ) {
+ if(! ldap_is_attr_desc( str ) ) goto done;
+ break;
+ }
+
+ *dn++ = '\0';
+ rule = strchr( dn, ':' );
+
+ if( rule == NULL ) {
+ /* one colon */
+ if ( strcmp(dn, "dn") == 0 ) {
+ /* must have attribute */
+ if( !ldap_is_attr_desc( str ) ) {
+ goto done;
+ }
+
+ rule = "";
+
+ } else {
+ rule = dn;
+ dn = NULL;
+ }
+
+ } else {
+ /* two colons */
+ *rule++ = '\0';
+
+ if ( strcmp(dn, "dn") != 0 ) {
+ /* must have "dn" */
+ goto done;
+ }
+ }
+
+ if ( *str == '\0' && *rule == '\0' ) {
+ /* must have either type or rule */
+ goto done;
+ }
+
+ if ( *str != '\0' && !ldap_is_attr_desc( str ) ) {
+ goto done;
+ }
+
+ if ( *rule != '\0' && !ldap_is_attr_oid( rule ) ) {
+ goto done;
+ }
+
+ rc = ber_printf( ber, "t{" /*}*/, ftype );
+
+ if( rc != -1 && *rule != '\0' ) {
+ rc = ber_printf( ber, "ts", LDAP_FILTER_EXT_OID, rule );
+ }
+ if( rc != -1 && *str != '\0' ) {
+ rc = ber_printf( ber, "ts", LDAP_FILTER_EXT_TYPE, str );
+ }
+
+ if( rc != -1 ) {
+ ber_slen_t len = ldap_pvt_filter_value_unescape( value );
+
+ if( len >= 0 ) {
+ rc = ber_printf( ber, "totb}",
+ LDAP_FILTER_EXT_VALUE, value, len,
+ LDAP_FILTER_EXT_DNATTRS, dn != NULL);
+ } else {
+ rc = -1;
+ }
+ }
+ }
+ break;
+
default:
- if ( strchr( value, '*' ) == NULL ) {
+ if ( ldap_pvt_find_wildcard( value ) == NULL ) {
ftype = LDAP_FILTER_EQUALITY;
} else if ( strcmp( value, "*" ) == 0 ) {
ftype = LDAP_FILTER_PRESENT;
} else {
rc = put_substring_filter( ber, str, value );
- *(value-1) = '=';
- return( rc );
+ goto done;
}
break;
}
if ( ftype == LDAP_FILTER_PRESENT ) {
rc = ber_printf( ber, "ts", ftype, str );
+
} else {
- rc = ber_printf( ber, "t{ss}", ftype, str, value );
+ ber_slen_t len = ldap_pvt_filter_value_unescape( value );
+
+ if( len >= 0 ) {
+ rc = ber_printf( ber, "t{so}",
+ ftype, str, value, len );
+ }
}
- *s = savechar;
- *(value-1) = '=';
- return( rc == -1 ? rc : 0 );
+ if( rc != -1 ) rc = 0;
+
+done:
+ LDAP_FREE( str );
+ return rc;
}
static int
put_substring_filter( BerElement *ber, char *type, char *val )
{
char *nextstar, gotstar = 0;
- unsigned long ftype;
+ ber_tag_t ftype = LDAP_FILTER_SUBSTRINGS;
Debug( LDAP_DEBUG_TRACE, "put_substring_filter \"%s=%s\"\n", type,
val, 0 );
- if ( ber_printf( ber, "t{s{", LDAP_FILTER_SUBSTRINGS, type ) == -1 )
+ if ( ber_printf( ber, "t{s{", ftype, type ) == -1 )
return( -1 );
- while ( val != NULL ) {
- if ( (nextstar = strchr( val, '*' )) != NULL )
+ for( ; val != NULL; val=nextstar ) {
+ if ( (nextstar = ldap_pvt_find_wildcard( val )) != NULL )
*nextstar++ = '\0';
if ( gotstar == 0 ) {
} else {
ftype = LDAP_SUBSTRING_ANY;
}
+
if ( *val != '\0' ) {
- if ( ber_printf( ber, "ts", ftype, val ) == -1 )
+ ber_slen_t len = ldap_pvt_filter_value_unescape( val );
+
+ if ( len < 0 ) {
+ return -1;
+ }
+
+ if ( ber_printf( ber, "to", ftype, val, len ) == -1 ) {
return( -1 );
+ }
}
gotstar = 1;
- if ( nextstar != NULL )
- *(nextstar-1) = '*';
- val = nextstar;
}
- if ( ber_printf( ber, "}}" ) == -1 )
+ if ( ber_printf( ber, /* {{ */ "}}" ) == -1 )
return( -1 );
return( 0 );
}
int
-ldap_search_st( LDAP *ld, char *base, int scope, char *filter, char **attrs,
+ldap_search_st(
+ LDAP *ld, LDAP_CONST char *base, int scope,
+ LDAP_CONST char *filter, char **attrs,
int attrsonly, struct timeval *timeout, LDAPMessage **res )
{
int msgid;
}
int
-ldap_search_s( LDAP *ld, char *base, int scope, char *filter, char **attrs,
- int attrsonly, LDAPMessage **res )
+ldap_search_s(
+ LDAP *ld,
+ LDAP_CONST char *base,
+ int scope,
+ LDAP_CONST char *filter,
+ char **attrs,
+ int attrsonly,
+ LDAPMessage **res )
{
int msgid;